aefd2b12a4e9e157b02e2888af8274be_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aefd2b12a4e9e157b02e2888af8274be_JaffaCakes118
Size

49KB
MD5

aefd2b12a4e9e157b02e2888af8274be
SHA1

61f0c9a536a5b5c988bf25b7a52a32fd0c371eed
SHA256

a35aa252df97f66682c802b5fedce1a587588793d04175b088a27441993e87b7
SHA512

edccc4c5f3f8b9c6259b9ea7b1a675294756edab3e472839709b4f9897ea77c5884b45f9eced032f406667548859b75c4977c8c50ef0efbfaeb0d6927273832f
SSDEEP

1536:TfacPecUr0BcG2uBoe0PwSqGchegJaVcN:mceX3qkgvN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aefd2b12a4e9e157b02e2888af8274be_JaffaCakes118

Files

aefd2b12a4e9e157b02e2888af8274be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ba474b317a922ff5f00f71a547f99b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetTempPathA
GetTempFileNameA
GetSystemDirectoryA
DeleteFileA
DeviceIoControl
CloseHandle
CreateFileA
WinExec

advapi32

DeleteService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenSCManagerA

msvcrt

_snprintf
fclose
fwrite
fopen
sprintf
strncpy
strrchr
_stricmp
_strlwr

shlwapi

SHDeleteValueA
SHSetValueA

setupapi

SetupIterateCabinetA

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 992B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ